From db2b1a8fc9eb40ddfd0095d9e03cecebaf36d328 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Tue, 30 Dec 2003 15:49:55 +0000 Subject: [PATCH] (change): fix same-password-again by decrypting keys and setting an error code From: Buck Huppmann git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13246 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/kadm5/chpass_s.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/kadm5/chpass_s.c b/lib/kadm5/chpass_s.c index e1f47d09f..b5409b6c8 100644 --- a/lib/kadm5/chpass_s.c +++ b/lib/kadm5/chpass_s.c @@ -53,7 +53,7 @@ change(void *server_handle, if(ret) return ret; ret = context->db->hdb_fetch(context->context, context->db, - 0, &ent); + HDB_F_DECRYPT, &ent); if(ret == HDB_ERR_NOENTRY) goto out; @@ -73,8 +73,11 @@ change(void *server_handle, keys, num_keys); _kadm5_free_keys (server_handle, num_keys, keys); - if (cmp == 0) + if (cmp == 0) { + krb5_set_error_string(context->context, "Password reuse forbidden"); + ret = KADM5_PASS_REUSE; goto out2; + } ret = _kadm5_set_modifier(context, &ent); if(ret)